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DETAILED ACTION 

1 . This action is responsive to communications: application, filed 10/31/2003; 
amendment filed 11/5/2007. 

2. Claims 10-18, 24-28 and 33-36 are pending in the case. 

Response to Arguments 

3. With respect to claims 10, 1 1-13, and 16-18, applicant argues that Kester fails to 
disclose, denying execution of the program code on the client if a version of the 
program code on the client is different from the version of the program code satisfying 
the operating policy. In support, applicant cites Kester Col. 5 liners 10-25, and argues 
that the cited part does not include the version as a factor mentioned in the hash/policy 
table 204. Based on this assumption, applicant concludes that version is not a factor in 
deciding if a program should be executed or not. However, careful review of teachings 
of Kester indicates that Kester actually does include "version" as a factor to decide 
allowing execution or denying it. As indicated in section 4 of the previous Office Action, 
a hash, which identifies the application, is generated. One of the identifiers is the 
version of the application, as shown in col. 4 lines 42-52. Tp further explain this, the 
hash is the digest generated by the digest generator. Note that "version" is one of the 
parameters parsed by the digest generator (see col 4 lines 48-52). According to col. 4 
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line 66 to col. 5 line 9, the parsed properties are compared with the request within the 
hash/policy table. Note that the hash/policy table includes parsed properties. Therefore, 
Kester teaches that "version", which is one of the parsed properties, is compared in the 
hash/policy table. As admitted by the applicant, the hash/policy table, and the result of 
comparing the items within the hash/policy table with the items extracted from the file is 
used to determine whether access should be allowed or denied. Therefore, Kester's 
teaching is not limited to verifying the application file itself. If Kester was only concerned 
with the application itself, then only the hash of the application itself would have been 
verified, and there would be no need for the digest generator to parse all the other 
properties (e.g. version) and create hashes. The fact that the items parsed by the digest 
generator are used to generate the hash is further indicated in col. 12, lines 59-67, 
where it is clearly shown that application digest prepared by application digest generator 
is compared with hashes in the hash/policy table. Therefore, Kester teaches identifying 
the version of a program, creating a hash (digests) of properties related to the program 
(one of which is version) and compares the generated hash with the hash in the 
hash/policy table. If the versions don't match, the hashes don't match, and the program 
execution is denied. 

With regards to dependent claim 17, applicant argues that Kester does not teach 
notifying the administrator if the versions don't match. Applicant argues that Kester only 
teaches what the administrator would do. However, Kester teaches what the 
administrator would do, is also triggered by what the administrator is notified. One of the 
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policies identified by Kester is alerting the user in the event when there is a mismatch 
(see col. 5 lines 30-35, or col. 13, lines 4-15). Therefore, Kester teaches alerting 
(notifying) users when there is a mismatch. In addition, the cited col. 15 lines 32-60 
shows when a game program is denied access the parents associated with the 
workstation are identified, and the network administrator can update the policy. 
Therefore, the administrator is notified of the denial of access to program, and then 
updates the policy. This is more particularly shown in col. 13, lines 4-15, where the user 
is alerted that the administrator will perform more scrutiny of the application. Therefore, 
the administrator must have been notified of the event. 

Based on the discussion above, applicant's argument relative to allowability of claims 
10, 11-13, and 16-18 is found non persuasive. 

With respect to claims 24, 26, and 33-36, applicant's argument is similar to their 
argument discussed above. 

With respect to claims 14-15, 25, and 27-28, applicant's argument is based on their 
argument regarding the allowability of the independent claims. 

Accordingly, applicant's argument relative to allowability of all pending claims is found 
non persuasive. 
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Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

5. Claims 10-13, 16-18, 24, 26, 33-36 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Kester et al. (US Patent No. 7,185,015, filed March 14, 2003), hereinafter 
called Kester. 

Kester teaches detecting the launch of an application on a workstation (col. 4 lines 24- 
30) by a workstation management module, and determining access privileges of the 
workstation or the user. This determination is based on the application attributes, one of 
which is the version of the application (a hash, which identifies the application, is 
generated. One of the identifiers is the version of the application, as shown in col. 4 
lines 42-52). the access privileges are determined based on an operating policy (col. 5 
lines 25-30), and if the policy does not allow the execution of the identified application, 
the execution is denied (col. 5 lines 30-39). Kester teaches the limitations of claims 
detailed as follows: 
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5.1 . As per claim 10, Kester is directed to a method comprising: determining a version 
of program code (col. 4 lines 48-53, where the version of an application (program code) 
is determined as a property of the application) satisfying an operating policy (col. 5 lines 
25-30, where the policy corresponding to the application is also identified); and denying 
execution of program code on a client if a version of the program code on the client is 
different from the version of program code satisfying the operating policy (col. 5 lines 
33-35, where the execution is denied if the policy does not allow it. Therefore, if the 
policy associated with the version of the launched program does not allow its execution, 
it won't be executed, and if the policy associated with the version allows execution, it will 
be executed. Therefore, the program version that is different than the version allowed to 
be executed, will not be executed.) 

5.2. As per claim 1 1 , Kester is directed to he method of claim 1 0, further comprising 
executing the program code on the client when the version of program code on the 
client corresponds to the version of program code satisfying the operating policy (see 
response to claim 1). 

5.3. As per claim 12, Kester is directed to the method of claim 10, further comprising 
determining the version of program code on the client during launch of the program 
code (col. 4, lines 42-43). 
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5.4. As per claim 13, Kester is directed to the method of claim 10, further comprising 
receiving the operating policy at the client (col. 5 lines 4-9. Note that per Fig. 2, the 
workstation management module is part of the workstation). 

5.5. As per claim 16, Kester is directed to the method of claim 10, further comprising 
notifying a user at the client if the version of program code on the client is different from 
the version of program code satisfying the operating policy (col. 5, lines 47-62). 

5.6. As per claim 17, Kester is directed to the method of claim 10, further comprising 
notifying a network administrator if the version of program code on the client is different 
from the version of program code satisfying the operating policy (col. 15, lines 32-60). 

5.7. As per claim 18, Kester is directed to the method of claim 10, further comprising 
recording in a log if the version of program code on the client is different from the 
version of program code satisfying the operating policy (col. 13, lines 4-21). 

5.8. Limitations of claims 24 and 26 are substantially the same as claims 10-13, and 
16-18 above. 

5.9. Limitations of claims 33-36 is substantially the same as limitations of claims 
discussed above. 
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Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 14-15, 25, 27, and 28 rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kester. 

7.1. As per claim 14, Kester is directed to the method of claim 10, further comprising 
writing the version of program code on the client to a cache and then reading the cache 
while the program code is loading (col. 13, lines 4-21 teaches logging that an 
application is allowed for execution. Examiner takes the official notice that caching to 
speed up a decision process was well-known in the art. Therefore, Kester's teaching of 
logging the execution allowed application, and the official notice make caching and 
reading the cache while program is running to speed up decision making to execute the 
program obvious. 

7.2. As per claim 15, Kester is directed to the method of claim 10, further comprising 
updating the program code on the client when the version of program code on the client 
is different from the version of program code satisfying the operating policy (col. 15 lines 
32-60 teaches downloading and categorizing applications to workstations (note that per 
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col. 10, lines 17-20, collection data includes application itself). Kester teaches how the 
administrator determines if a program can be executed on a workstation. It also teaches 
how applications can be updated on a workstation. Examiner takes the official notice 
that downloading a version of a program that can be executed on certain workstations 
was a well-known practice for the system administrators. Therefore, the official notice 
and teachings of Kester makes downloading the version that satisfies the policy (is 
allowed for execution) to the client obvious. Note further that col. 14, lines 27-54 
teaches collecting an inventory of all applications on workstations, and determining if 
the programs are allowed for execution. 

7.3. As per claim 25, Kester is directed to the system of claim 24, further comprising a 
security module authenticating the client in a network, the authenticated client receiving 
the operating policy (col. 18 lines 2-5 shows encryption of data such that only the 
authorized user can read it, therefore teaching a security module and making 
authentication to protect data confidentiality obvious). 

7.4. As per claims 27 and 28, Kester is directed to the system of claim 24, wherein 
the operating policy includes at least one access control list (ACL) or ACE (ACL and 
ACE were well-known mechanisms to specify a policy.. Examiner takes official notice 
that because ACL and ACE were widely used, it would have been obvious to use them 
to express policy). 
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Conclusion 

8. THIS ACTION IS MADE FINAL, as no new ground of rejection is included. See 
MPEP § 7.39. Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Farid Homayounmehr whose telephone number is (571) 
272-3739. The examiner can be normally reached on 9 hrs Mon-Fri, off Monday 
biweekly. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Farid Homayounmehr _ 
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